Hello,
I followed the directions here:
http://support.microsoft.com/kb/321051 to set up LDAPS. I used a certificate purchased from GoDaddy. After rebooting, I cannot get the connection to work using ldp.exe. I'm thinking maybe my certificate was configured incorrectly?
The name of the server is DNSSrvr1. The DN for the server is CN=DNSSrvr1,OU=Domain Controllers,DC=mydomain,DC=com. I set up the request.inf file as follows:
;----------------- request.inf -----------------
[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=DNSSrvr1,OU=Domain Controllers,DC=mydomain,DC=com" ; replace with the FQDN of the DC
KeySpec = 1
KeyLength = 2048
; Can be 1024, 2048, 4096, 8192, or 16384.
; Larger key sizes are more secure, but have
; a greater impact on performance.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
;-----------------------------------------------
The certificate came back from GoDaddy for "DNSSrvr1", not the entire DN, could that be an issue?
I put the certificate in the Local Computer Personal container.
When I run the ldp.exe utility, entering either the name of the server or the IP of the server, trying them in combination with both port 636 and 3269, I get Error <0x51>: Fail to connect to DNSSrvr1.
Any ideas? I'm not quite sure where to go from here. I hate to go through the process of re-requesting the certificate if that isn't the issue.
Thank you,
Christine
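
An added example, not part of the original post or of the Microsoft article: a small lint for a request.inf like the one above, checking the two points the template's own comments call out (Subject set to the DC's FQDN, and the Server Authentication EKU). The FQDN `dnssrvr1.mydomain.com` is an assumption derived from the DN in the post, and the embedded INF is a constructed, shortened copy of the poster's file.

```python
import re

SERVER_AUTH_OID = "1.3.6.1.5.5.7.3.1"  # Server Authentication EKU, as in the template

# Constructed sample: the request.inf from the post, reduced to the keys checked here.
SAMPLE_INF = '''
[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=DNSSrvr1,OU=Domain Controllers,DC=mydomain,DC=com" ; replace with the FQDN of the DC
KeyLength = 2048
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
'''

def parse_inf(text):
    """Return {section: {key: value}} with ';' comments and quotes stripped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1).strip(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return sections

def lint_request(text, dc_fqdn):
    """List reasons the request would not yield a cert naming dc_fqdn for LDAPS."""
    inf = parse_inf(text)
    findings = []
    subject = inf.get("NewRequest", {}).get("Subject", "")
    # Split the subject into RDNs; assumes no escaped commas in the values.
    rdns = [p.strip().split("=", 1) for p in subject.split(",") if "=" in p]
    cn = next((v.strip() for k, v in rdns if k.strip().upper() == "CN"), "")
    if cn.lower() != dc_fqdn.lower():
        findings.append(f"Subject CN is '{cn}', expected the DC FQDN '{dc_fqdn}'")
    if any(k.strip().upper() == "DC" for k, _ in rdns):
        findings.append("Subject carries DC= components of a directory DN; "
                        "the template asks for the DC's FQDN")
    eku = inf.get("EnhancedKeyUsageExtension", {}).get("OID", "")
    if eku != SERVER_AUTH_OID:
        findings.append("Server Authentication EKU OID is missing")
    return findings
```

Calling `lint_request(SAMPLE_INF, "dnssrvr1.mydomain.com")` reports the CN mismatch and the directory-style subject; a Subject of `CN=dnssrvr1.mydomain.com` passes both checks.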